HOW CYBER INSURANCE CAN PROTECT YOUR BUSINESS
As reliance on digital technology continues to grow, so does the need for business protection in the event of a cyberattack. Cyber Insurance is becoming an increasingly popular solution, and we’ve been asked a lot about it lately.
Below are the questions we often hear:
- What is “Social Engineering” when it comes to Cyber Insurance?
- What is the difference between Crime Cover and Social Engineering under a Cyber Insurance policy?
- Am I covered under a Cyber Insurance policy if my cloud provider is hacked?
We share these so you can make sure you have adequate coverage and protection against potential threats.
WHAT IS “SOCIAL ENGINEERING” WHEN IT COMES TO CYBER INSURANCE?
“Social Engineering” in the context of Cyber Insurance refers to the manipulation of individuals into performing actions or divulging confidential information for malicious purposes. This is often accomplished through psychological tricks such as phishing scams, baiting, impersonation, and pretexting.
Cyber Insurance policies may cover losses resulting from Social Engineering attacks, but the coverage can vary between policies and providers. Some policies may provide coverage for the costs of investigating a breach, restoring systems and data, and protecting against further attacks, while others may exclude coverage for Social Engineering attacks altogether.
As a general statement, most Cyber Insurance companies offer Social Engineering as an option extension, and it is generally not automatically included. That’s why it is important for organizations to carefully review the terms and conditions of their Cyber Insurance policy to understand the extent of coverage for social engineering attacks.
WHAT IS THE DIFFERENCE BETWEEN CRIME COVER AND SOCIAL ENGINEERING UNDER A CYBER INSURANCE POLICY?
Cyber insurance policies typically offer optional extensions for including both Crime coverage and Social Engineering coverage, however, there is a distinction between the two.
In the context of Cyber Insurance, crime coverage may include losses from cybercrime, such as unauthorized access to systems, data theft, or the unauthorized transfer of funds.
Social Engineering coverage, on the other hand, is focused specifically on losses resulting from the manipulation of individuals into performing actions or divulging confidential information. This could include losses from phishing scams, baiting, impersonation, and pretexting, as well as from phone or email fraud.
Agile CyberCare covers small businesses against cyber threats and data breaches, including 24/7 emergency response for incidents.
Cyber Liability Insurance is designed to help protect you from claims and support your profitability in the event of a cyber breach or attack.
Agile CyberSelect is aimed at mid-market to corporate clients and is a comprehensive Cyber Insurance policy with 16 policy benefits and 24/7 incident response.
Social Engineering coverage, on the other hand, is focused specifically on losses resulting from the manipulation of individuals into performing actions or divulging confidential information. This could include losses from phishing scams, baiting, impersonation, and pretexting, as well as from phone or email fraud.
It is important to carefully review the terms and conditions of your Cyber Insurance policy to understand the extent of Crime coverage and Social Engineering coverage offered. It is important to check that you have cover for both, and not just one of two. Typically, the policy has a maximum sub-limit for these covers which is $250,000.
AM I COVERED UNDER A CYBER INSURANCE POLICY IF MY CLOUD PROVIDER IS HACKED?
Whether you are covered under a Cyber Insurance policy in the event of a hack of your cloud provider depends on the specific terms and conditions of your policy.
Only some Cyber Insurance policies automatically provide coverage for data breaches, including those that occur at a third-party service provider, such as a cloud provider. In these cases, the policy may cover the costs of investigating the breach, restoring systems and data, and protecting against further attacks.
Other Cyber Insurance policies only offer this cover as an optional extension and refer to the coverage as “Contingent Business Interruption”.
It is important to note, however, that not all cyber insurance policies provide coverage for breaches at third-party service providers, and some policies may include exclusions or limitations on this type of coverage. That’s why you should carefully review the terms and conditions of your cyber insurance policy to understand the extent of coverage for breaches at third-party service providers, and to discuss any potential gaps in coverage with your insurance broker.
It is also a good idea to consider implementing additional security measures, such as encryption and multifactor authentication, to protect your data in the event of a breach at a third-party service provider.